package com.bzsg.rightsManagementSystem.config.security_config

import org.springframework.security.access.AccessDecisionManager
import org.springframework.security.access.ConfigAttribute
import org.springframework.security.authentication.InsufficientAuthenticationException
import org.springframework.security.core.Authentication
import org.springframework.security.core.GrantedAuthority
import org.springframework.stereotype.Component

@Component
class CustomizeAccessDecisionManager : AccessDecisionManager {
    @Throws(AccessDeniedException::class, InsufficientAuthenticationException::class)
    override fun decide(authentication: Authentication, o: Any?, collection: Collection<ConfigAttribute?>) {
        for (ca in collection) {
            val needRole: String = ca?.attribute!!
            //当前请求需要的权限
            //当前用户所具有的权限
            val authorities: Collection<GrantedAuthority?> = authentication.authorities
            for (authority in authorities) {
                if (authority?.authority.equals(needRole)) {
                    return
                }
            }
        }

    }

    override fun supports(configAttribute: ConfigAttribute?): Boolean {
        return true
    }

    override fun supports(aClass: Class<*>?): Boolean {
        return true
    }
}